
Customizing Error Handling

The SuperTokens session recipe can throw the following errors:

Unauthorised error

  • Thrown when a protected backend API is accessed without a session.
  • The default behaviour is to clear session cookies (if any) and send a 401 to the frontend.
let SuperTokens = require("supertokens-node");
let Session = require("supertokens-node/recipe/session");

SuperTokens.init({
    supertokens: {...},
    appInfo: {...},
    recipeList: [
        Session.init({
            errorHandlers: {
                // Called when a protected API is accessed without a session
                onUnauthorised: (message, request, response, next) => {
                    // TODO: Write your own logic and then send a 401 response to the frontend
                },
            }
        })
    ]
});

Token theft detected

let SuperTokens = require("supertokens-node");
let Session = require("supertokens-node/recipe/session");

SuperTokens.init({
    supertokens: {...},
    appInfo: {...},
    recipeList: [
        Session.init({
            errorHandlers: {
                // Called when token theft is detected for a session
                onTokenTheftDetected: (sessionHandle, userId, req, res, next) => {
                    // TODO: Write your own logic and then send a 401 response to the frontend
                },
            }
        })
    ]
});
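
One way to fill in the two TODO handlers above, as an added example that is not SuperTokens' own code. The names `makeErrorHandlers`, `revokeSession`, `audit`, `fakeRes` and `demo` are hypothetical, the request and response objects are assumed to be Express-style, and the returned object is meant to be passed as `errorHandlers` to `Session.init`.

```javascript
// Added example, not SuperTokens code. `revokeSession` and `audit` are
// hypothetical functions injected by the application (assumptions).
function makeErrorHandlers({ revokeSession, audit }) {
    return {
        // No valid session: log the internal reason, return a generic 401.
        onUnauthorised: (message, request, response, next) => {
            audit({ event: "session.unauthorised", reason: message, path: request.originalUrl });
            response.status(401).json({ message: "unauthorised" });
        },
        // Token theft: log first, revoke the whole session, then send 401.
        onTokenTheftDetected: async (sessionHandle, userId, req, res, next) => {
            audit({ event: "session.token_theft", userId, sessionHandle, ip: req.ip });
            try {
                await revokeSession(sessionHandle);
                res.status(401).json({ message: "token theft detected" });
            } catch (err) {
                next(err); // revocation failed: surface it, do not report success
            }
        },
    };
}

// Constructed stand-in for an Express response, so the example runs offline.
function fakeRes() {
    const res = { statusCode: null, body: null };
    res.status = (code) => { res.statusCode = code; return res; };
    res.json = (body) => { res.body = body; return res; };
    return res;
}

// Runs both handlers against constructed inputs and returns what happened.
async function demo() {
    const events = [];
    const revoked = [];
    const handlers = makeErrorHandlers({
        revokeSession: async (handle) => { revoked.push(handle); return true; },
        audit: (e) => events.push(e),
    });
    const res1 = fakeRes();
    handlers.onUnauthorised("no session cookie", { originalUrl: "/api/me" }, res1, () => {});
    const res2 = fakeRes();
    await handlers.onTokenTheftDetected("handle-123", "user-42", { ip: "203.0.113.7" }, res2, () => {});
    return { events, revoked, res1, res2 };
}
```

The internal `message` goes to the audit log only; the client receives the same generic body regardless of why the session was rejected.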